vpsGuard is a security tool. If you discover a vulnerability:

1. Do NOT open a public GitHub issue
2. Email details to security@vpsGuard.dev (or open a GitHub Security Advisory)
3. Include: Go version, OS version, steps to reproduce, impact assessment

We aim to respond within 48 hours and patch critical issues within 7 days.

• Agent binary and its components
• Installation scripts and systemd units
• Default configuration

• Third-party APIs (AbuseIPDB, AlienVault OTX, Telegram)
• The Central Platform (Phase B — separate project)

We currently do not offer a bug bounty program.